package com.example.server.security;

import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class AnnotationSessionBasedAuthorizeInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        if (handler instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) handler;

            PreAuthorize methodAnnotation = handlerMethod.getMethodAnnotation(PreAuthorize.class);

            if (methodAnnotation == null) {
                return true;
            }else {
                String type = methodAnnotation.type();
                String[] roles = methodAnnotation.roles();

                if (type.equals("hasAnyRole")) {

                } else if (type.equals("hasAllRoles")) {
                    // TODO 作业
                }
            }
        }
        return false;
    }
}
